Signature生成サンプル (PowerShell)

Signature生成サンプル

このサンプルはAPI利用方法で示した署名(Signature)の生成方法を紹介するためのものです。

PowerShell v3 以降にて動作を確認しております。

サンプルプログラムでは署名を生成するのみで、APIのリクエストは行いません。

サンプルコード

$IIJAPI_EXPIRE=(Get-Date).ToUniversalTime().AddHours(1).ToString("yyyy-MM-ddTHH:mm:ssZ")
$IIJAPI_SECRET_KEY="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
$IIJAPI_ACCESS_KEY="XXXXXXXXXXXXXXXXXXXX"
 
$METHOD="GET"
$API="contract"
$APIVERSION="20140602"
$SERVICECODE="cac12345678"

if ($METHOD -eq "GET") {
  $TYPE = ""
} else {
  $TYPE = "application/json"
}

$string_to_sign = 
  $METHOD + "`n" +
  "" +  "`n" +
  $TYPE +  "`n" +
  ("x-iijapi-expire:" + $IIJAPI_EXPIRE) + "`n" +
  "x-iijapi-signaturemethod:HmacSHA256" + "`n" +
  "x-iijapi-signatureversion:2" + "`n" +
  ("/r/" + $APIVERSION + "/" + $SERVICECODE + "/" + $API + ".json")

$hmacsha = New-Object System.Security.Cryptography.HMACSHA256
$hmacsha.key = [Text.Encoding]::ASCII.GetBytes($IIJAPI_SECRET_KEY)
$signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($string_to_sign))
$signature = [Convert]::ToBase64String($signature)

echo $signature

Signature生成サンプル 実行例

SecretKey、API有効期限を環境変数で与えます。

AccessKeyはAPIリクエスト実行時に使用します。

※このスクリプトはあくまでサンプルです。環境変数、PowerShellのhistoryからAccessKey, SecretKeyが漏洩しないように十分に注意して下さい。
※PowerShell 上でスクリプトを実行させる場合、環境設定の変更が必要になる場合があります。 

PS C:\Users\user> .\sign.ps1 
blYqEogt4XNvvtTBvqNqPr96yRI/PxiJ4yZRRIOK76Q=
PS C:\Users\user> 

APIリクエスト 実行例

生成したSignatureを使用してAPIを実行するサンプルです。
前項のサンプルコードと組み合わせて利用できます。

GET contract
$IIJAPI_REQUEST_HEADERS = @{
  "x-iijapi-Expire"=$IIJAPI_EXPIRE;
  "x-iijapi-SignatureMethod"="HmacSHA256";
  "x-iijapi-SignatureVersion"="2";
  "Authorization"="IIJAPI " + $IIJAPI_ACCESS_KEY + ":" + $signature
}

try {
  $response = Invoke-WebRequest -Method Get -Headers $IIJAPI_REQUEST_HEADERS https://cac.api.iij.jp/r/20140602/cac12345678/contract.json
  #Write-Output $response.StatusCode
  #Write-Output $response.Headers
  Write-Output $response.Content
} catch [System.Net.WebException] {
  Write-Output $_
}

実行結果

{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","PublicFqdn":"www.cac-example.iijgio.jp","CNAME":"xxxxxxxxxx.cas.iijgio.jp","Https":"off","DdoS":"off","Constructions":"on","OriginAccessType":"host","Origin":["origin.cac-example.iijgio.jp"],"OriginSendPublicFqdn":"off","NextOriginAccessType":"host","NextOrigin":["origin.cac-example.iijgio.jp"],"NextOriginSendPublicFqdn":"off","CreatedAt":"2014/02/18"}} 


PUT origin
$IIJAPI_REQUEST_HEADERS = @{
  "x-iijapi-Expire"=$IIJAPI_EXPIRE;
  "x-iijapi-SignatureMethod"="HmacSHA256";
  "x-iijapi-SignatureVersion"="2";
  "Authorization"="IIJAPI " + $IIJAPI_ACCESS_KEY + ":" + $signature
}

$body = @'
{"OriginAccessType":"ip","OriginIPList":["198.51.100.1"]}
'@

try {
  $response = Invoke-WebRequest -Method Put -Headers $IIJAPI_REQUEST_HEADERS -ContentType "application/json" -Body $body https://cac.api.iij.jp/r/20140602/cac12345678/origin.json
  #Write-Output $response.StatusCode
  #Write-Output $response.Headers
  Write-Output $response.Content
} catch [System.Net.WebException] {
  Write-Output $_
}

実行結果

{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","OriginAccessType":"ip","Origin":["198.51.100.1"],"OriginSendPublicFqdn":
 "on","NextOriginAccessType":"ip","NextOrigin": 
["198.51.100.1"],"NextOriginSendPublicFqdn":"on"}}


POST accesslog_key
$IIJAPI_REQUEST_HEADERS = @{
  "x-iijapi-Expire"=$IIJAPI_EXPIRE;
  "x-iijapi-SignatureMethod"="HmacSHA256";
  "x-iijapi-SignatureVersion"="2";
  "Authorization"="IIJAPI " + $IIJAPI_ACCESS_KEY + ":" + $signature
}

$body = @'
{"BasicAuth":"on"}
'@

try {
  $response = Invoke-WebRequest -Method Post -Headers $IIJAPI_REQUEST_HEADERS -ContentType "application/json" -Body $body https://cac.api.iij.jp/r/20140602/cac12345678/accesslog_key.json
  #Write-Output $response.StatusCode
  #Write-Output $response.Headers
  Write-Output $response.Content
} catch [System.Net.WebException] {
  Write-Output $_
}

実行結果

{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","DownloadUrl":"https://help.cas.iijgio.jp/downloads/cac12345678/access_logs","DownloadKey":"wv1msg9yexdivicsxnbx0phrnhg","Expire":"2014-06-10 13:41:01","MaxNum":"20","User":"cac12345678","Password":"-McMSAxEjYOnxA"}}


次のURLでアクセスログ(gzip形式)をダウンロードできます。

https://help.cas.iijgio.jp/downloads/cac12345678/access_logs?log_date=2014-06-09&download_key=wv1msg9yexdivicsxnbx0phrnhg&urlscheme=http